~dricottone/x509-validator

x509-validator/main.go -rw-r--r-- 1.0 KiB
a3a19b0bDominic Ricottone Strategic retreat 3 months ago 
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52

package main

import (
	"fmt"
	"crypto/tls"
	"time"
)

func main() {
	domains := []string{
		"www.dominic-ricottone.com",
		"git.dominic-ricottone.com",
		"www.intra.dominic-ricottone.com",
		"media.intra.dominic-ricottone.com",
	}

	longest := 0
	for _, d := range domains {
		if longest < len(d) {
			longest = len(d)
		}
	}

	for _, d := range domains {
		fmt.Printf("%*s: ", longest, d)

		// I'm only ever going to care about real HTTPS certs,
		// so I am hardcoding the port
		name := d + ":443"

		conn, err := tls.Dial("tcp", name, nil)
		if err != nil {
			fmt.Println("No certificate found")
			continue
		}
	
		expiry := conn.ConnectionState().PeerCertificates[0].NotAfter
		timestamp := expiry.Format("Monday, January 2")
		days := int(time.Until(expiry).Hours() / 24)
	
		if days < 0 {
			fmt.Println("Expired")
		} else if days < 1 {
			fmt.Println("Expiring today")
		} else if days < 2 {
			fmt.Println("Valid for 1 day\n")
		} else {
			fmt.Printf("Valid for %d days (until %s)\n", days, timestamp)
		}
	}
}